31. (Original) The object model of claim 29, wherein the IKERule comprises an
IKEAction action property that defines the authentication methods for performing Internet Key 
Exchange key negotiation protocol. 

REMARKS 

Applicant respectfully requests reconsideration. Claims 1-31 were previously pending in 
this application. By this amendment, Applicant is canceling claims 1-6 without prejudice or 
disclaimer. Claims 7-10, 12, 13, 19, and 21-24 have been amended. 

As a result, claims 7-31 are pending for examination with claims 7, 19, and 24 being 
independent. No new matter has been added. 

Rejections Under 35 U.S.C. §101 
The Office Action rejected claims 5-6, 7-18, 24-31 under 35 U.S.C. §101 as allegedly being 
directed to non-statutory subject matter. Claims 7 and 24 have been amended in accordance with 
guidelines provided in M.P.E.P. § 2106.01. Accordingly, withdrawal of this rejection is respectfully 
requested. 

Rejections Under 35 U.S.C. §102 

The Office Action rejected claims 1-31 under 35 U.S.C. §102(e) as being anticipated by 
Terzis et al., U.S. Publication No. 2004/0243835, (hereinafter Terzis). Independent claims 7 and 
24 have been amended to more clearly distinguish over the cited reference. 

Applicant respectfully traverses the rejection of claims 7-31 for the reasons discussed below. 

First, claim 7, as amended, recites an object model embodied on a computer-readable
medium for managing a service on a computer, the object model comprising: a policy object model 
for specifying, by a first user, one or more policies that the service supports in a packet-centric 
form, and, by a second user, said one or more policies in a user-centric form and/or an application- 
centric form; and a policy engine platform for interacting of said first user with said one or more 
policies specified in said packet-centric form and of said second user with said one or more policies
specified in said user-centric form and/or said application-centric form, and to provide said one or
more policies to said at least one component that actually performs the service.

Application No. 10/740,748; Reply to Office Action of October 23, 2006; Docket No.: M1103.70168US00

Terzis is directed to a computer-based system for providing secure, configurable access to
computer network resources (Abstract). A human-readable language for defining access policy
rules is provided, with these rules converted in an automated fashion into filters applied within the
various subsystems and components in the multilayer security system (page 2, ¶ 0018). The rules
may be generated and installed at different levels (page 2, ¶ 0020). A system administrator uses
user interfaces to create access/security rules that allow users access to specific network resources
based on a variety of parameters including group membership and time of day (page 4, ¶ 0056).
The administrator 310 configures the MACSS 300 by providing user information 312, group
information 314, and access rules 316 (page 4, ¶ 0058, FIG. 3). The administrator may resolve
conflicts which arise when a new rule is added to the policy database 820 and validation tests
performed to ensure that the new rule does not conflict with existing policy rules return an error
message (page 6, ¶ 0079, FIG. 8).

Terzis neither discloses nor suggests "a policy object model for specifying, by a first user, 
one or more policies that the service supports in a packet-centric form, and, by a second user, said 
one or more policies in a user-centric form and/or an application-centric form," as recited in claim 
7. Furthermore, Terzis neither discloses nor suggests "a policy engine platform for interacting of 
said first user with said one or more policies specified in said packet-centric form and of said second 
user with said one or more policies specified in said user-centric form and/or said application- 
centric form," as recited in claim 7. 

In view of the foregoing, claim 7 patentably distinguishes over Terzis. 

Claims 8-18 depend from claim 7 and are allowable for at least the same reasons. 

Therefore the rejection of claims 7-18 should be withdrawn. 

Second, claim 19, as amended, recites a method of managing a service on a computer, the
method comprising: specifying, via a policy object model, by a first user, one or more policies that 
the service supports in a packet-centric form, and, by a second user, said one or more policies in a 
user-centric form and/or an application-centric form; interacting, via a policy engine platform, of 
said first user with said one or more policies specified in said packet-centric form, and of said 
second user with said one or more policies specified in said user-centric form and/or said
application-centric form; and providing, via the policy engine platform, said one or more policies to 
at least one component that actually performs the service. 

Terzis neither discloses nor suggests "specifying, via a policy object model, by a first user, 
one or more policies that the service supports in a packet-centric form, and, by a second user, said 
one or more policies in a user-centric form and/or an application-centric form," as recited in claim 
19. Terzis neither discloses nor suggests "interacting, via a policy engine platform, of said first user 
with said one or more policies specified in said packet-centric form, and of said second user with 
said one or more policies specified in said user-centric form and/or said application-centric form," 
as recited in claim 19. 

In view of the foregoing, claim 19 patentably distinguishes over Terzis. 

Claims 20-23 depend from claim 19 and are allowable for at least the same reasons. 

Therefore the rejection of claims 19-23 should be withdrawn. 

Third, claim 24, as amended, recites an object model embodied on a computer-readable
medium for managing a firewall service on a computer, the object model comprising a policy object 
model used to specify, by a first user, one or more policies that the firewall service supports in a 
packet-centric form, and, by a second user, said one or more policies in a user-centric form and/or 
an application-centric form, the policy model comprising a policyrule object usable to generate 
policy, the policyrule object comprising a condition property and an action property, wherein a 
policy generated by the policyrule object is configured to perform an action in the action property 
responsive to a condition in the condition property being met. 

Terzis neither discloses nor suggests "a policy object model used to specify, by a first user, 
one or more policies that the firewall service supports in a packet-centric form, and, by a second 
user, said one or more policies in a user-centric form and/or an application-centric form," as recited 
in claim 24. 

In view of the foregoing, claim 24 patentably distinguishes over Terzis. 

Claims 25-31 depend from claim 24 and are allowable for at least the same reasons. 

Therefore the rejection of claims 24-31 should be withdrawn. 

CONCLUSION

A Notice of Allowance is respectfully requested. The Examiner is requested to call the 
undersigned at the telephone number listed below if this communication does not place the case in 
condition for allowance. 

If this response is not considered timely filed and if a request for an extension of time is 
otherwise absent, Applicant hereby requests any necessary extension of time. If there is a fee 
occasioned by this response, including an extension fee, that is not covered by an enclosed check, 
please charge any deficiency to Deposit Account No. 23/2825. 



Dated: January 23, 2007

Respectfully submitted,

Registration No.: 34,681
WOLF, GREENFIELD & SACKS, P.C.
Federal Reserve Plaza 
600 Atlantic Avenue 
Boston, Massachusetts 02210-2206 
(617) 646-8000 